No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
Answer: the “party in the best position to prevent the fraud.” In the digital age, where cyber-attacks are becoming more sophisticated, all legal professionals should take heed of the recent decision in Thomas v. Corbyn...more
The University of Pittsburgh Medical Center (UPMC) recently settled a data breach class action for $450,000 stemming from a 2020 data breach that led to the compromise of about 36,000 UPMC patients....more
Report on Patient Privacy 22, no. 1 (January, 2022) - New Jersey issued its third settlement in three months on state-level health care privacy and security laws, announcing that three cancer care providers would adopt new...more
Two major U.S. financial institutions, Morgan Stanley and Capital One, recently agreed to resolve separate class action lawsuits by paying, in the aggregate, hundreds of millions of dollars in compensation for massive data...more
Sabre Corporation, the travel technology company, agreed to pay $2.4 million as a settlement with twenty-seven (27) State Attorneys General for a 2017 data breach involving hotel booking services....more
The operator of CafePress, an online retailer that sells customizable mugs and other products, has reached an agreement with New York State Attorney General Letitia James and six other State Attorneys Generals to settle...more
CYBERSECURITY - Responding to Cyber-Attacks in the Utility and Energy Sectors - To assist utilities with assessing and responding to cyber risks, the Federal Energy Regulatory Commission (FERC) and the North American...more
Home Depot has agreed to settle a multi-state enforcement action by 46 U.S. states and Washington, D.C. arising from the data breach that occurred in 2014. Home Depot has agreed to pay $17.5 million to put the enforcement...more
With apologies to John Donne, ask not for whom the bells tolls, HIPAA business associates, it tolls for thee! While it has been the law for some time that business associates could be held directly liable for breaches,...more
On Tuesday, September 15, New York Attorney General Letitia James announced a settlement with Dunkin’ Brands Inc. regarding a lawsuit in New York state court titled The People of The State of New York et al. v. Dunkin’ Brands...more
CYBERSECURITY - Maze Continues to Strike Companies - It is being reported by ZDNet that the Maze ransomware group has attacked two companies that, apparently, refused to pay the requested ransom, so Maze, as it...more
The U.S. Office of the Comptroller of the Currency (OCC) announced this week that it has entered into a Consent Order and fined Capital One $80 million for the data breach the company experienced last year....more
Arizona-based Banner Health has agreed to settle for up to $6 million a class action case filed against it following a 2016 incident that compromised the personal information of 3 million individuals....more
National Veterinary Associates (NVA), a large network of veterinary hospitals and clinics, has reportedly been the victim of a ransomware attack. According to the reports, NVA employs more than 2,600 veterinarians, with over...more
We have definitely seen an uptick in the number of ransomware attacks against municipalities around the country. Thus far, the attacks have been against single cities, towns, and court systems, and recently against a...more
Just recently, Equifax had the largest-ever settlement for a data breach. They are to pay at least $575 million, and potentially as much as $700 million, to settle allegations over its massive 2017 data breach. What we tell...more
In a set of recent settlements, the Federal Trade Commission (the FTC or Commission) resolved charges against two companies, ClixSense and D-Link, for failing to provide reasonable security and to live up to their data...more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services recently announced that 2018 was a significant year in Health Insurance Portability and Accountability Act (HIPAA) enforcement activity. ...more
On February 7, 2019, the Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services published the resolution agreement for its final HIPAA settlement of 2018. ...more
A relatively quiet year for HIPAA enforcement is ending with a small flourish. The Office of Civil Rights of the Department of Health and Human Services (HHS) has announced two settlements with covered entities within the...more
Hilton Domestic Operating Co., Inc. (Hilton) has agreed to pay the New York and Vermont Attorneys General $700,000 to settle allegations that they violated those state consumer protection and data breach notification laws...more
The Sony data breach in 2014 was one of the most significant breaches experienced and was a first on many fronts. It was alleged to have been caused by North Korean hackers (calling themselves Guardians of Peace) seeking to...more
On September 2, the Department of Health and Human Services Office of Civil Rights (OCR) announced a settlement with Cancer Care Group, P.C., a thirteen-physician oncology practice in Indiana related to violations of the...more
On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more
Senior U.S. District Court Judge Paul Magnuson issued an order on Thursday, May 7 denying a request by counsel for card issuer banks to enjoin the settlement of data breach related claims negotiated between Target and...more